Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1SvQZU-0005n9-EG for bitcoin-development@lists.sourceforge.net; Sun, 29 Jul 2012 10:18:00 +0000 Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com designates 74.125.82.53 as permitted sender) client-ip=74.125.82.53; envelope-from=mh.in.england@gmail.com; helo=mail-wg0-f53.google.com; Received: from mail-wg0-f53.google.com ([74.125.82.53]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1SvQZR-0001uv-GX for bitcoin-development@lists.sourceforge.net; Sun, 29 Jul 2012 10:18:00 +0000 Received: by wgbfm10 with SMTP id fm10so3203883wgb.10 for ; Sun, 29 Jul 2012 03:17:51 -0700 (PDT) MIME-Version: 1.0 Received: by 10.180.105.130 with SMTP id gm2mr34598814wib.6.1343557071311; Sun, 29 Jul 2012 03:17:51 -0700 (PDT) Sender: mh.in.england@gmail.com Received: by 10.216.19.13 with HTTP; Sun, 29 Jul 2012 03:17:51 -0700 (PDT) Date: Sun, 29 Jul 2012 12:17:51 +0200 X-Google-Sender-Auth: gXOSOYVidvoyAV1Zakbt_AEGUQI Message-ID: From: Mike Hearn To: Bitcoin Dev Content-Type: text/plain; charset=UTF-8 X-Spam-Score: -1.5 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (mh.in.england[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1SvQZR-0001uv-GX Subject: [Bitcoin-development] Signing release binaries X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 29 Jul 2012 10:18:00 -0000 MacOS X 10.8 makes application signing borderline mandatory, in that you cannot run unsigned apps unless you tweak your settings via the control panel. You must sign with a certificate issued by Apple via their "identified developer" program. Windows allows but does not require signing. However, anti-virus systems tend to use signers with good reputation as a whitelisting signal. Signing Bitcoin releases makes sense because it may lead to, at minimum, higher performance if AV engines ignore file reads/writes by Bitcoin. And it can also shield us from false positives. You only need to see the mess that the mining tools world has become to understand why this is important. As I don't take part in the release process, I can't help out with this directly, but I believe it's important and would be willing to throw some money in towards buying the signing certs for both platforms. I guess Gavin would be the final signer.